MFSA 2009-07: Crashes with evidence of memory corruption (rv:1.9.0.7) (Critical)Mozilla hasn't demonstrated that these crashes are exploitable, but presumes they may from their general nature. Note: Some of these affect Firefox 2, which is not patched.

MFSA 2009-09: XML data theft via RDFXMLDataSource and cross-domain redirect (High)Private data could be stolen from another domain in the context of the user.

MFSA 2009-10: Upgrade PNG library to fix memory safety hazards (Critical)A new set of vulnerabilities in the libpng library has been patched and the updated library incorporated into Mozilla products.

MFSA 2009-11: URL spoofing with invisible control characters (Low)A display bug in the location bar could result in a misleading address.